<?php
include_once("secret/sessionmanager.php");
initSession();
include_once "secret/config.php";
include_once "secret/attributes.php";

if (!isset($_SESSION['lang'])) {
	$_SESSION['lang'] = $default_language;
}

switch ($_SESSION['lang']) {
	case "english" : include "languages/english.inc.php"; break;
	case "chinese" : include "languages/chinese.inc.php"; break;
	case "taiwanese" : include "language/taiwanese.inc.php"; break;
	default : include "languages/english.inc.php"; break;
}


?>
<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title><?php echo PROGRAM_NAME; ?></title>
<meta http-equiv="content-type" content="text/html; charset=<?php echo $default_charset; ?>">
<link rel="stylesheet" type="text/css" href="secret/styles.css" />
</head>
<body>
<?php


?>
<table class="standard" cellpadding="0" cellspacing="0" border="0" style="margin-top:200px; width:250px;" align="center">
<tr class="firstcolor"><td colspan="2" align="center" class="tblhead"><?php echo PROGRAM_NAME." ".VERSION." - ".REGISTER_REGISTRATE; ?></td></tr>
<tr class="firstcolor"><td colspan="2" align="center"><?php echo $owner; ?></td></tr>
<tr class="firstcolor"><td colspan="2" align="center">&nbsp;</td></tr>
<tr class="firstcolor"><td align="center">

<?php 
$loginusername = "";
$ingameusername = "";
$password = "";
$email = "";
$allytag = "";
mysql_connect($dbhost,$dbusername,$dbpassword);
mysql_select_db($dbname);

if (isset($_GET['action']) && $_GET['action'] == "verify" && isset($_GET['id']) && strlen($_GET['id'])==32 && isset($_GET['email'])) {
	$id = mysql_escape_string($_GET['id']);
	$email = mysql_escape_string(urldecode($_GET['email']));
	// in new multiuser version, user can use galatool right after he verified his account
	//$query = "UPDATE $utablename SET status='admin' WHERE userpass='$id' AND email='$email'";
	$query = "UPDATE $utablename SET status='active',cansearch='true',caninsert='true',statusview='true',probeview='true',userman='false', allyhistory='false', diplomatic='true' WHERE userpass='$id' AND email='$email'";
	$res = mysql_query($query);
	if (!$res) {
		echo "<div class=\"failure\">".REGISTER_ERROR3."<br>".mysql_error()."</div>";
	} else {
		echo "<div class=\"success\">".REGISTER_INFO3."</div>";
	}

} else {

	if (isset($_POST['loginusername'])) {
		// get all reg. information
		$loginusername = preg_replace("/[^a-zA-Z0-9_\s\-\.]/","",$_POST['loginusername']);
		$password1     = preg_replace("/[^a-zA-Z0-9_\s\-\.]/","",$_POST['password1']);
		$password2     = preg_replace("/[^a-zA-Z0-9_\s\-\.]/","",$_POST['password2']);
		$ingameusername = mysql_real_escape_string(trim(stripslashes($_POST['ingameusername'])));
		$email          = trim(stripslashes($_POST['email']));
		$allytag        = mysql_real_escape_string(trim(stripslashes($_POST['allytag'])));
		$universe	= preg_replace("/[^0-9]/","", $_POST['universe']);
		$ogameserver	= mysql_real_escape_string(trim(stripslashes($_POST['ogameserver'])));

		if (empty($loginusername) || empty($password1) || empty($password2) || empty($ingameusername) ||
		empty($email) || empty($allytag) || empty($universe) || empty($ogameserver) || ($password1 != $password2) ||
		preg_replace("/([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})/","",$email) != "" )
		{
			$error_occured = true;
			if ($password1 != $password2 || empty($password1)) $error['pass'] = "class=\"failure\"";

		} else {
			// save data
			$query = "INSERT INTO $utablename (username,userpass,stylepath,email,ingame,allytag,universe,ogameserver)
			      VALUES ('$loginusername','".md5($password1)."','styles.css','".mysql_real_escape_string($email)."','$ingameusername','$allytag',$universe,'$ogameserver')";
			$res = mysql_query($query);
			if (!$res) {
				echo "<div class=\"failure\">".REGISTER_ERROR1."</div>";
				$error_occured = true;
			} else {
				echo "<div class=\"success\">".REGISTER_INFO1."</div>";

				if($need_email_activated) {
					// send email for veryfication
					$link = strtolower(strtok($_SERVER['SERVER_PROTOCOL'], '/')).'://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']."?action=verify&id=".md5($password1)."&email=".$email;
					$link .= "\n\n";
					$headers = "From: ogame@utblog <".$email_from.">\n" .
					'X-Mailer: PHP/' . phpversion() . "\n" .
					"MIME-Version: 1.0\n" .
					"Content-Type: text/plain; charset=utf-8\n" .
					"Content-Transfer-Encoding: 8bit\n";
					// Send
					$result = mail($email, REGISTER_EMAILVERIFICATION, REGISTER_EMAILTEXT."\n".$link, $headers);
	
					/*
					// send email to tool admin
					$link = strtolower(strtok($_SERVER['SERVER_PROTOCOL'], '/')).'://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
					$link = str_replace("register.php","",$link);
					$headers = "From: ".$email_from."\n" .
					'X-Mailer: PHP/' . phpversion() . "\n" .
					"MIME-Version: 1.0\n" .
					"Content-Type: text/plain; charset=utf-8\n" .
					"Content-Transfer-Encoding: 8bit\n";
					// Send
					$result = mail($email_from, REGISTER_NEW_SUBJECT , REGISTER_NEW_MAILTEXT."\nloginusername: $loginusername\ningame:$ingameusername\n\nlink: $link", $headers);
					*/
					if ($result) {
						echo "<div class=\"success\">".REGISTER_INFO2."</div>";
					} else {
						echo "<div class=\"failure\">".REGISTER_ERROR2."</div>\n";
					}
				} else {
					$query = "UPDATE $utablename SET status='active',cansearch='true',caninsert='true',statusview='true',probeview='true',userman='false', allyhistory='false', diplomatic='true' WHERE username='$loginusername'";
					$res = mysql_query($query);
					if (!$res) {
						echo "<div class=\"failure\">".REGISTER_ERROR3."<br>".mysql_error()."</div>";
					} else {
						echo "<div class=\"success\">".REGISTER_INFO3."</div>";
					}
				}
				
				echo '<div style="padding-top:10px;"><input class="button" type="submit" name="'.urlencode(REGISTER_BUTTON).'" value="'.REGISTER_BUTTON.'" onclick="window._content.document.location=\'index.php\'" /></div>';
			}
		}
	}

	if ((isset($error_occured) && $error_occured) || !isset($_POST['loginusername'])) {
		if (!isset($error_occured)) $error_occured = false;
		// show registration Screen
		if (!isset($error['pass'])) $error['pass'] = "";
		if ($error_occured && empty($loginusername)) {
			$error['loginname'] = "class=\"failure\"";
		} else $error['loginname'] = "";
		if ($error_occured && empty($ingameusername)) {
			$error['ingamename'] = "class=\"failure\"";
		} else $error['ingamename'] = "";
		if ($error_occured && (empty($email) || preg_replace("/([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})/","",$email) != "")) {
			$error['email'] = "class=\"failure\"";
		} else $error['email'] = "";
		if ($error_occured && empty($allytag)) {
			$error['ally'] = "class=\"failure\"";
		} else $error['ally'] = "";
		if ($error_occured && empty($universe)) {
			$error['universe'] = "class=\"failure\"";
		} else $error['universe'] = "";
		if ($error_occured && empty($ogameserver)) {
			$error['ogameserver'] = "class=\"failure\"";
		} else $error['ogameserver'] = "";

		$text_to_show = REGISTER_ERROR0;
		
		
		echo '
	<form action="register.php" method="POST">
	'.$text_to_show.'<br />
	<table width="100%" border="0" cellpadding="0" cellspacing="0" class="standard">
	<tr class="firstcolor"><td '.$error['loginname'].'>'.REGISTER_LOGINNAME.':</td><td><input type="text" name="loginusername" maxlength="20" class="textfield" value="'.$loginusername.'" style="width:100px;" /></td></tr>
	<tr class="firstcolor"><td '.$error['pass'].'>'.REGISTER_PASSWORD.':</td><td><input type="password" name="password1" maxlength="20" class="textfield" value="" style="width:100px;" /></td></tr>
	<tr class="firstcolor"><td '.$error['pass'].'>'.REGISTER_PASSWORD_CONFIRM.':</td><td><input type="password" name="password2" maxlength="20" class="textfield" value="" style="width:100px;" /></td></tr>
	<tr class="firstcolor"><td '.$error['email'].'>'.REGISTER_EMAIL.':</td><td><input type="text" name="email" maxlength="50" class="textfield" value="'.$email.'" style="width:100px;" /></td></tr>
	<tr class="firstcolor"><td '.$error['ingamename'].'>'.REGISTER_INGAME.':</td><td><input type="text" name="ingameusername" maxlength="20" class="textfield" value="'.$ingameusername.'" style="width:100px;" /></td></tr>
	<tr class="firstcolor"><td '.$error['ally'].'>'.REGISTER_ALLYTAG.':</td><td><input type="text" name="allytag" maxlength="10" class="textfield" value="'.$allytag.'" style="width:100px;" /></td></tr>
	<tr class="firstcolor"><td '.$error['universe'].'>'.REGISTER_UNIVERSE.':</td><td><input type="text" name="universe" maxlength="10" class="textfield" value="'.(empty($univeral) ? 1 : $universe).'" style="width:60px;" />&nbsp;&nbsp;1~99</td></tr>
	<tr class="firstcolor"><td '.$error['ogameserver'].'>'.REGISTER_OGAMESERVER.':</td><td><select name="ogameserver" class="textfield"><option selected="true">ogame.com.cn</option><option>ogame.org</option><option>ogame.tw</option></select><!-- <input type="text" name="ogameserver" maxlength="15" class="textfield" value="'.'ogame.com.cn'.'" style="width:100px;" readonly/> //--></td></tr>
	<tr class="firstcolor"><td colspan="2" align="center"><input class="button" type="submit" name="'.urlencode(REGISTER_REGISTRATE).'" value="'.REGISTER_REGISTRATE.'"></td></tr>
	</table>	
	</form>
	';
	}
}
?>
</td>
</tr>
</table>
</body>
</html>